similar to: Locked account and logging in with public key

Hi! I just compiled/installed openssh 3.7p1 (and 3.7.1p1) for solaris some time ago. It has weird behaviour. When I run ssh <hostname> and I enter invalid password I get six password prompts: using new version of openssh: % ssh hostname Password: Password: Password: user at hosts's password: Permission denied, please try again. user at hosts's password: Permission denied, please

Hi! Is there any reason why support for the libwrap code isn't included in the X11 forwarding code? I'd like to restrict access to that port. How many applications would break if the tcp port would be closed and only the unix-domain socket would be available? It's true that x11 forwardings can be considered as a security risk and they are disabled because of that by default. I

Hi! I was browsing through archives and found out that somebody else was having the same problem as I'm. http://bugzilla.mindrot.org/show_bug.cgi?id=248 from the client, when I run scp to the server, I get: scp: warning: Executing scp1 compatibility. scp: FATAL: Executing ssh1 in compatibility mode failed (Check that scp1 is in your PATH). There are more details about this problem here:

Hi! Here is the patch to support tcp wrappers with x11-forwarded connections. The patch is for openssh-3.0.1p1 but it works fine with 2.9.9p2 too. I've understood that this will not be included in the official version because it adds complexity (?!) to openssh. Binding the forwarded port to localhost doesn't solve all problems. I've understood that you should also implement

>Using OpenSSH 3.1p1 on a Sun Solaris 7 box, I disabled an account using the >'passwd -l ...' command to lock the users password. However, the user can >still access the system via ssh. Whilst I could do other things such as >moving their .ssh directory, removing their account home directory, etc, >etc, is there some 'nicer' way to inform ssh that the account is now

maybe this is a silly question ;-) But why is it possible to login on a machine with a locked account (passwd -l ) via pubkey-authentication (authorized_keys) ? I use OpenSSH3.01p1on Solaris8 with PAM support so I thought this should not happen. If this is the normal behaviour and built in intentionally what would be the easiest way to lock an account without deleting the users authorized_keys ?

hi, this can be applied to the latest portable CVS. by default bind sshd fake display to localhost. [stevesk at jenny stevesk]$ uname -sr HP-UX B.11.11 [stevesk at jenny stevesk]$ echo $DISPLAY localhost:14.0 [stevesk at jenny stevesk]$ netstat -an|grep 6014 tcp 0 0 127.0.0.1.6014 *.* LISTEN this is currently controlled with sshd_config gatewayports;

Versions: openssh-3.8p1-33, heimdal-0.6.1rc3-51, XFree86-4.3.99.902-40, tk-8.4.6-37, all from SuSE 9.1 (unhacked); back-version peers have openssh-3.5p1, XFree86-4.3.0-115, etc. from SuSE 8.2. Symptoms: 1. When the client and server versions are unequal, the Kerberos ticket is not accepted for authentication. All the clients have PreferredAuthentications gssapi-with-mic, gssapi, others. 2.

Hi, I am trying to setup PAM for telnet on my solaris 9 box and the pam_winbind grant me access but I recieve a acount failure: Jul 4 13:29:59 clusterix1 pam_winbind[9688]: user 'patrikg' granted acces Jul 4 13:29:59 clusterix1 login[9688]: login account failure: Permission denied The values in pam.conf for winbind is: login auth required /usr/lib/security/pam_winbind.so other

I've googled my heart out, but I cannot see an example of ssh authentication with Active Directory and winbindd, particularly on Solaris 10. I have it working on Solaris 8 with telnet, but I'm trying to break my users of telnet. Has anyone got it working? If so, would you be willing to share the global section of your smb.conf and pam.conf with me? Is there something I need to put in one

Dear list, How do I test whether I have access to my winbind LDAP backend from my Solaris 9 machine? My LDAP database is held on a Redhat 9.0 machine also running Samba 3.0.0. I know winbind works because getent and wbinfo show up my NT users and groups. I would also like to have people log into my Solaris 9 machine with their NT usernames, I have this working on Redhat already but Solaris is

Hi Johannes, Thank you for your quick feddback. As I am using linux os build with buildroot on my raspberry pi I can't use package manager such as apt-get to install R. What I need to do is to get the precompiled R for arm arch and then when I build my linux image using buildroot I include the R precompiled package to my rootfs. Could you please send me a link where I can download

Hi All. This patch calls pam_chauthtok() to change an expired password via PAM during keyboard-interactive authentication (SSHv2 only). It is tested on Redhat 8 and Solaris 8. In theory, it should have simply been a matter of calling pam_chauthtok with the PAM_CHANGE_EXPIRED_AUTHTOK flag, it'd only change the password is if it's expired, right? From the Solaris pam_chauthtok man page:

Dear all, I am currently trying to cross compile R3.5.2 using X86 host and trying to cross compile for ARM target (raspberry pi 3 running on linux system generated by buildroot). The problem I am encountering is that the compilation fails because the current R buildsystem I trying to execute the R binary generated for Arm arch on the host X86 computer. My question is: Is there an R

https://bugzilla.mindrot.org/show_bug.cgi?id=2475 Bug ID: 2475 Summary: Login failure when PasswordAuthentication, ChallengeResponseAuthentication, and PermitEmptyPasswords are all enabled Product: Portable OpenSSH Version: 7.1p1 Hardware: ix86 OS: Linux Status: NEW

Dear list, I'm trying to get a Thumper (Sun Fire X4500) to play nice with AD so that we can offer a nearline storage service. Since many of our users will have multiple group memberships, it's imperative that samba be able to recurse through the groups that a user is a member of to determine if they have access to a resource. What happens instead is that every user who authenticates is

Hi, Here is a listw object z corresponding to the matrix W. I understand n, nn, S0, S1 and S2 in the weights constants summary. Is it simply so that n1 = n-1, n2 = n-2 and n3 = n-3? If this is true where they are needed? Just wondering Osmo > W [,1] [,2] [,3] [,4] [,5] [,6] [,7] [,8] [,9] [1,] 0 1 0 1 0 0 0 0 0 [2,] 1 0 1 0 1 0

Gang, For those who asked about making a Solaris system a Kerberos client to Active Directory, the magic document to have is: http://www.connectathon.org/seam1.0/files/c0101.htm See the section "How to Configure a SEAM Client Using a Windows 2000 KDC". SEAM was Sun's Kerberos client stuff in Solaris 8; it is just there as part of Solaris 9 and 10. These instructions apply if

I sent this the other day, but did not get any replies, can anyone help? Hi All, I have a sparc solaris 8 server running samba 2.2.11 (which i complied with winbind). The server has been running for years and has about 20 local users setup using local files for openssh and rexec logins, and samba shares. They each use samba to map to their home directory and a common shared folder. They also

https://bugzilla.mindrot.org/show_bug.cgi?id=2378 Bug ID: 2378 Summary: Allow login to a role using Hostbased auth on platforms supporting PAM_AUSER Product: Portable OpenSSH Version: 6.8p1 Hardware: Sparc OS: Solaris Status: NEW Severity: enhancement Priority: P5